[thelist] Weird bot email [long]
Maximillian Schwanekamp
lists at neptunewebworks.com
Sun Sep 11 00:01:00 CDT 2005
Hassan Schroeder wrote:
> Ken Schaefer wrote:
>> It might work if the backend SMTP server allows relay, it might work if
>> email's dropped directly into the SMTP server's working queue (bypassing
>> relay checks), but otherwise, you just end up with crud in the body
>
> Yep. I've been seeing the exact same thing on a contact form on one
> of my sites, with this same 'bcc: jrubin3546 at aol.com' inserted into
> the comment body.
>
> Annoying, definitely. :-)
Jeff Howden wrote:
> I've seen these come through mine and my clients' sites as well. Most fail,
> but I found one today that made it through. More here:
> http://mkruger.cfwebtools.com/index.cfm/2005/9/5/email%20injection
Ah, great answers all round. Thanks guys! In the meantime since
posting I added in a preg_replace() on the user-supplied data to take
out any useful headers, but the article Jeff gave was excellent, and I
will actually include a captcha as well.
Hassan, did you bother reporting jrubin3546 at aol.com to AOL? I'm going
to, even though I don't really expect The Great Unwashed will do
anything about it.
--
Max Schwanekamp
http://www.neptunewebworks.com/
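The injection the thread is about, worked end to end as an added example (Python; this is not code from the thread or from anyone posting in it): a contact-form mailer that builds its headers by string concatenation, the bot's CR/LF-plus-`bcc:` payload turning into a real header, Ken's point that the same text pasted into the comment body only ends up as junk in the body, and a hardened builder that rejects CR/LF in single-line fields next to the preg_replace()-style stripping Max describes. The form values and the harvest@example.com address are constructed samples, not the ones seen on the list.

```python
"""Email header injection in a contact form: vulnerable vs hardened builder."""
import re
from email import message_from_string
from email.message import EmailMessage

# A CR or LF inside a single-line field is the whole injection primitive:
# it terminates the current header and lets the attacker start a new one.
CRLF_RE = re.compile(r"[\r\n]+")

# Constructed samples of what the bots submit (address is a placeholder).
INJECTED_NAME = "Bob\r\nbcc: harvest@example.com"
INJECTED_BODY = "Hello\r\nbcc: harvest@example.com\r\n"


def header_names(raw_message):
    """Parse a raw RFC 5322 message and return its header names, lowercased.

    This is what the receiving MTA sees; a 'bcc' in this list means the
    injected recipient would actually be delivered to.
    """
    return [name.lower() for name in message_from_string(raw_message).keys()]


def build_vulnerable(name, sender, comment):
    """The classic bug: headers assembled by concatenating user input.

    Any CR/LF in `name` ends the From: line, and whatever follows is parsed
    as a new header. The comment is only ever in the body, so a 'bcc:' there
    is harmless noise.
    """
    headers = f"From: {name} <{sender}>\r\nSubject: Contact form\r\n"
    return headers + "\r\n" + comment


def strip_crlf(value):
    """Sanitise a single-line field by collapsing CR/LF runs into one space,
    the same effect as a preg_replace() on the field."""
    return CRLF_RE.sub(" ", value).strip()


def build_hardened(name, sender, comment):
    """Reject CR/LF in header-bound fields, then let the email library build
    the message.

    Rejecting beats stripping: a line break in a name or address field is
    never legitimate, and silently repairing it hides the attempt from your
    logs. EmailMessage also refuses header values containing line breaks,
    which is a second line of defence if a check is ever forgotten.
    """
    for field_name, value in (("name", name), ("sender", sender)):
        if CRLF_RE.search(value):
            raise ValueError(f"header injection attempt in {field_name}")
    msg = EmailMessage()
    msg["From"] = f"{name} <{sender}>"
    msg["Subject"] = "Contact form"
    msg.set_content(comment)  # body text may contain line breaks freely
    return msg.as_string()


def hardened_accepts(name, sender, comment):
    """True if build_hardened() accepted the submission, False if rejected."""
    try:
        build_hardened(name, sender, comment)
    except ValueError:
        return False
    return True


if __name__ == "__main__":
    print("vulnerable, injected name:",
          header_names(build_vulnerable(INJECTED_NAME, "bob@example.org", "hi")))
    print("vulnerable, injected body:",
          header_names(build_vulnerable("Bob", "bob@example.org", INJECTED_BODY)))
    print("hardened accepts injected name:",
          hardened_accepts(INJECTED_NAME, "bob@example.org", "hi"))
```

Whether the injected `bcc:` actually gets delivered depends on what sits behind the form: a submission handed to a relaying SMTP server or dropped straight into a local queue honours the extra header, which is the "most fail, but one got through" pattern reported above. Rejecting on CR/LF at the form makes the outcome independent of that.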